PC Remote Management in Industrial Settings
Managing PCs in industrial automation deployments
Josh Neland
Technology Strategist
Global Marketing, Confidential
Typical setting
[Diagram labels: System; x86 controllers; HMI - x86]
Physical management has limits
[Diagram: many systems]
System management overview
System Management Overview
1. Monitor and manage many systems from a single point
2. Proactively discover, diagnose and correct issues with minimal downtime
3. Increase effectiveness of your service organization
[Diagram labels: Management Console or Utility; Computer (node); Computer (node)]
High Level Overview – Node Perspective
• Increase choice of What can be managed
• Increase choice of What can manage
• Increase choice of Who can manage
• Increase choice of Environment
[Diagram labels: Management Controller; Remote Management Console; Local OS & Power States; Local Peer Intelligent Devices (Intelligent Device); Local Managed Elements (Sensors, Network Controllers, Storage Controllers, Chassis); WS-MAN/WS-CIM; Standard bi-directional & pass through; Standard OS & BIOS interfaces]
Standardize Key Boundaries on the Managed Node
• Provide a Standard Interface for Management Applications
• Provide a Standard Interface for Device Level Communications
[Diagram: New Managed Node Architecture. Labels: Network; Industry Applications; Altiris; SCCM; Dell Branded; Customer Created; DASH/SMASH/WS-CIM; IPMI/PMCI; Vendor Provider; Dell Native Provider. Legend: Dell Proprietary; Industry Standard; Vendor Provided]
• SMASH: System Management Architecture for Server H/W
• DASH: Desktop & Mobile Architecture for System H/W
• IPMI: Intelligent Platform Management Interface
• PMCI: Platform Management Component Intercommunication
Architecture
DASH
Wrapper specification
• Discovery (WS-Man)
• Security (HTTPS, SSL, CIM)
• Common Information Model (CIM)
• XML for transport/encoding (WS-CIM)
• HTTP for access
Adopted by Tier-1: Dell, IBM, HP, Cisco, BMC, etc.
Controlled by the DMTF
CIM capabilities
• Object Oriented
• Abstraction and classification
  – classes
  – properties
  – associations (aggregate and non-aggregate)
  – methods
• Inheritance
• Known root objects
• Meta model
Example CIM interfaces
• Device and asset representation, e.g. Processor, Chassis, Memory, etc.
• Power control, device control, FW inventory and update interfaces
• 3rd party NVRAM datastore
• BIOS Management
• Remote access / control mechanisms
• Diagnostic invocation and result retrieval
• Asynchronous Indication subscription and notification
Web Services for Management (WS-Man)
• SOAP based
• CRUD approach
• Enumerate collections (large tables or logs)
• Subscribe to events
• Execute methods (strongly typed inputs, outputs)
WS-Man example: Get request
WS-Man example: Get response
WS-CIM
WS-Man
CIM data types
CIM Actions
CIM Indications
Examples
Battery representation
• This diagram represents battery classes in a notebook.
• Important to note the DesignCapacity and the FullChargeCapacity properties. They are used to determine the health of the battery.
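An added example, not taken from the original slides: a WS-Man Get request for one CIM_Battery instance, and the battery health ratio computed from the DesignCapacity and FullChargeCapacity properties of the response. The endpoint, the DeviceID selector value and the sample response with its capacity values are constructed for illustration; the namespaces and action URI are the standard SOAP 1.2, WS-Addressing, WS-Transfer and DMTF WS-CIM ones.

```python
import uuid
import xml.etree.ElementTree as ET

S = "http://www.w3.org/2003/05/soap-envelope"
A = "http://schemas.xmlsoap.org/ws/2004/08/addressing"
W = "http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd"
BATTERY_URI = "http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_Battery"
GET_ACTION = "http://schemas.xmlsoap.org/ws/2004/09/transfer/Get"

def build_get(endpoint, resource_uri, selectors):
    """Build a WS-Man Get envelope; refuse endpoints that are not HTTPS."""
    if not endpoint.lower().startswith("https://"):
        raise ValueError("management traffic must go over HTTPS")
    env = ET.Element(f"{{{S}}}Envelope")
    hdr = ET.SubElement(env, f"{{{S}}}Header")
    ET.SubElement(hdr, f"{{{A}}}To").text = endpoint
    ET.SubElement(hdr, f"{{{W}}}ResourceURI").text = resource_uri
    ET.SubElement(hdr, f"{{{A}}}Action").text = GET_ACTION
    ET.SubElement(hdr, f"{{{A}}}MessageID").text = f"uuid:{uuid.uuid4()}"
    sel_set = ET.SubElement(hdr, f"{{{W}}}SelectorSet")
    for name, value in selectors.items():  # keys identifying the instance
        ET.SubElement(sel_set, f"{{{W}}}Selector", Name=name).text = value
    ET.SubElement(env, f"{{{S}}}Body")  # a Get carries an empty body
    return ET.tostring(env, encoding="unicode")

def battery_health(response_xml):
    """Return FullChargeCapacity / DesignCapacity from a Get response."""
    body = ET.fromstring(response_xml).find(f"{{{S}}}Body")
    inst = body.find(f"{{{BATTERY_URI}}}CIM_Battery")
    def prop(name):
        return int(inst.findtext(f"{{{BATTERY_URI}}}{name}"))
    design, full = prop("DesignCapacity"), prop("FullChargeCapacity")
    if design <= 0:
        raise ValueError("DesignCapacity missing or zero")
    return full / design

# Constructed sample response (values invented for illustration).
SAMPLE_RESPONSE = f"""<s:Envelope xmlns:s="{S}" xmlns:b="{BATTERY_URI}">
<s:Header/><s:Body><b:CIM_Battery>
<b:DeviceID>Battery 1</b:DeviceID>
<b:DesignCapacity>56000</b:DesignCapacity>
<b:FullChargeCapacity>42000</b:FullChargeCapacity>
</b:CIM_Battery></s:Body></s:Envelope>"""

if __name__ == "__main__":
    print(build_get("https://mc.example.invalid/wsman", BATTERY_URI,
                    {"DeviceID": "Battery 1"}))
    print(f"health: {battery_health(SAMPLE_RESPONSE):.0%}")
```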
EC Detects a Problem
• EC generates a PLDM message with the appropriate message ID. The management controller converts the message to a CIM Indication and forwards it to any management console that has subscribed.
[Diagram labels: Console; DASH; MC; EC; Battery. Messages: "PLDM message to indicate health change"; "CIM Indication to console"]
Enumerate Instances Flow
• The console interrogates for asset data
[Diagram labels: Console; DASH; MC; MCTP/PLDM; EC; Battery; Managed Elements; Inactive Controller; Active Controller. Messages: "Enumerate instances of CIM_Battery and CIM_PhysicalPackage"; "Get_Device_Data and Get_PhysicalPackage_Data"]
The Response
• Response Data: instances of CIM_Battery and CIM_PhysicalPackage returned

BatteryPkg1 : PhysicalPackage
  Tag : 123456ABCD
  PackageType : Battery
  CanBeFRUed : True
  ElementName : 1
  Manufacturer : "Dell"
  SKU : 123456ABCD
  VendorEquipmentType : "8 Cell "

[Diagram labels: Console; DASH; MC; MCTP/PLDM; EC; Battery; Active Controller; Inactive Controller; Managed Elements]
Dell™ OptiPlex™ XE Capabilities
• The OptiPlex XE SIO reports POST and pre-POST failures
  – Motherboard failure
  – CPU Thermtrip failure
  – CPU failure
  – Power supply failure
  – Memory subsystem failure
  – Memory DIMM failure
  – System firmware hang
  – Corrupt BIOS detected
  – PCI Configuration failure
  – Video subsystem failure
  – No memory detected
  – USB Subsystem failure
  – Storage Subsystem failure
BIOS Representation
• This diagram represents BIOS classes in a system
Enumerate Instances Flow
• The console interrogates for BIOS Attributes
• Enumerate instances of CIM_BIOSAttribute
[Diagram labels: Console; DASH; MC; MCTP/PLDM; BIOS; Managed Elements; Inactive Controller; Active Controller]
EC detects a problem
• BIOS generates PLDM messages describing its capabilities. The management controller converts the messages to CIM instances and replies to the management console.
[Diagram labels: Console; DASH; MC; BIOS. Messages: "PLDM messages to describe BIOS attributes"; "CIM Indication to console"]
Enumerate Instances Flow
• The console sends new settings for BIOS
• Console invokes the SetBIOSAttribute() method, providing the AttributeName and desired Value
• The result is saved as a PendingValue until the system reboots
[Diagram labels: Console; DASH; MC; MCTP/PLDM; BIOS; Managed Elements; Inactive Controller; Active Controller]
DASH Tools
• AMD
  – DASH SDK
    › DASHCLI supports all functions described
  – SCCM DASH Plugin
  – http://developer.amd.com/CPU/MANAGEABILITY/Pages/default.aspx
• Altiris
  – DASH support currently in product.
  – Support for sensors and BIOS to be added September 2010
AMT vs. TruManage
vPro vs TruManage

| Feature | AMT | TruManage |
|---|---|---|
| DASH Profile Support | 1.0/1.1 wireless | 1.1 |
| Internal Communications protocol | Proprietary | DMTF Standard PLDM/MCTP |
| BIOS Management | No | Yes |
| USB redirection (storage media; read only) | No | Yes |
| Text console redirection | Yes | Yes |
| Power management (soft-off) | No | Yes |
| IDE Redirect | Yes | No |
| Zero touch provisioning | Yes | Yes |
| System inventory/Asset Mgt | Yes | Yes |
| User account management | Yes | Yes |
| Offline mailboxes/Opaque management data | Yes | Yes |
| Indications | Yes | Yes |
| In-band NIC management | No | Yes |
| PLDM for sensors | No | Yes |
| Out-of-Band IPv6 phase-1 logo | Yes | Yes |
| Web GUI / HTML interface | Yes | Yes |
| Certificate authority integration | Yes | Yes |
| Out-of-band IPv6 phase-2 logo | Yes | Yes |
| Power Management (brute force) | Yes | Yes |
| Microsoft active directory & Kerberos integration | Yes | Yes |
| Event logging | Yes | Yes |
| Record log audit or security log | Yes | Yes |
| Network quarantining ("circuit breaker") | Yes | Yes |
| Agent Presence | Yes | No |
| ME Wake on LAN | Yes | Low Power |
| DNS Environment Detect | Yes | Yes |
| ISV Local access to Event Log | Yes | No |
| Wireless Support | Yes | No |
| Remote Configuration | Yes | Yes |
| WS-MAN Support | Yes | Yes |
| Client Initiated Remote Access | Yes | No |
| Intel AMT secure measure | Yes | N/A |
Backup
PMCI Efforts
• MCTP – Management Component Transport Protocol
  – Message based internal "chip to chip" protocol.
• PLDM – Platform Level Data Model
  – Defines the data sources and requirements
    › Inventory data
    › Sensor and indication sources
    › BIOS source and interaction
• Used as communication path between management controller and other intelligent devices in the system.
  – Dell implements an EC or SIO to aggregate sensors and, in the case of diagnostics, act as a virtual sensor to indicate the health state of the system.
CIM Indication over WS-Man benefits
• CIM_Indications over WS-Man have several benefits
  – Guaranteed delivery
    › Automatic retry and receipt acknowledgement capability
  – Rich with data and device specific information
    › Localizable event messages
    › References to alerting component
    › Apparent Severity
    › Recommended Response Action information available
  – Subscription Paradigm
    › Subscribe only to events/group of events desired
    › Subscriptions are generated remotely – no need to physically touch the system
    › Subscriptions are retained over reboots